|
|||
Compromized tor ssh instances
I use tor on OpenBSD host for sshing into remote servers with dynamic IP addresses. In the middle of February, 2015 I witnessed strange pattern while trying to SSH into remote server running Debian GNU/Linux. I was offered a fake key and out of curiosity I accepted it. This same pattern continued with other remote machine running CentOS; I decided not to accept the key and contacted the admin at other side. They said they have not regenerated the keys on their host.
On OpenBSD host I checked how many users were logged in and it showed me 4 instances of a single user logins; which was strange. I regenerated the keys on the first machine, removed the previous one and reinitiated ssh sessions. It is my understanding that tor's x.509 certificates are self-signed and it is possible to force a MITM attack by forging certificates. Tor's exchange can be intercepted and forged. I can't demand logs from remote hosts to verify these incidents. After considering several options and in order to minimize the risk I decided to chroot tor as per instructions available at http://pestilenz.org/~bauerm/tor-openbsd-howto.html and https://trac.torproject.org/projects...bsdChrootedTor These documents are not up-to-date and during the test I have taken into account the missing bits. After the setup when I tried to start tor in chroot I got 'Abort trap'. The trials were carried out on OpenBSD-5.6 i386 running in qemu on OpenBSD host. I will like to know how I can achieve this and chroot tor. This security concern is only about sshing thru tor or hosting a hidden service, for everything else I pass traffic thru <lan> --- <OpenBSD-router> --- <squid> --- <privoxy-chrooted> --- <tor> --- <Internet>. Thanks! |
|
||||
Disclaimer: I don't know anything about your compromised servers/clients, nor about tor as an ssh attack vector. But there is a reason ssh(1) warns the user if the server keys have changed.
Prior to 5.6, the OpenBSD FAQ had a section (FAQ 10.16) that discussed chrooted application requirements for web servers. While intended for applications running with Apache or nginx, it contained general considerations you might find helpful. Here's a link to revision 1.187 of FAQ 10, the changes which removed section 10.16 from the FAQ occurred in revision 1.188. |
|
|||
Quote:
|
|
||||
Quote:
Quote:
Quote:
Quote:
|
|
||||
That is single-factor authentication, and, I'm going to guess, most likely how your client credentials were obtained. While passwords are easy to use, they require your client to trust the server with the password. And the server you connected to was compromised.
Some of the other authentication methods available with SSH do not require passing of usable client credentials, so that a compromised server cannot steal a client's identity. This includes the skey(1) one-time-pad, but as that is single factor and requires provisioning and reprovisioning for single-use keys ... far more widely, people use Public Key Authentication, which uses passphrases (something you know) with private client keys (something you have) for two-factor authentication with a host that has the public half of the client's key pair. The server never obtains access to the client's private credentials -- authentication is done mathematically. Quote:
The private key remains private, and in control of the client. The public key can be shipped insecurely -- via Email, posted on a forum -- and the host need only add it to the client's intended $HOME/.ssh/authorized_keys on the server, and the client can authenticate. Without a password, and without ever sending the client's private key to the server. Management of client keys and passphrases for connecting to (or through) multiple systems can be simplified for users with ssh-agent(1) and ssh-add(1). Last edited by jggimi; 6th March 2015 at 03:04 AM. Reason: clarity, typos, the usual. and more clarity. and typos. forever. |
|
|||
Quote:
Quote:
I will still prefer chrooting Tor and minimize exposure. |
|
||||
If you must use remote passwords -- and there are many times they are unavoidable -- then I recommend you and your user community never use the same password across different systems. If I understood what happened to you, your password happened to be used across multiple systems, so the theft of your credentials permitted reverse access. And possibly, access to any other systems with the same userid/pw combination.
I have dozens, if not hundreds of unique passwords for network services of all kinds, from forums like this to banking, healthcare, tax services, government portals. And with very few singular exceptions I do not know my passwords to any of them. I only need to know my passphrase for my password manager, which includes a random password generator, and I used that to create unique passwords for every site. |
|
|||
Quote:
After a lot of thinking I guess it was the tor instance that triggered this, obviously some guy running exitnode was bored and decided to decrypt the traffic. Here are more details https://trac.torproject.org/projects.../doc/badRelays & http://www.cs.kau.se/philwint/spoile...s/pets2014.pdf I have a select ExitNodes configured but I reckon it will be a good idea to put tor in chroot and I wish future OpenBSD tor package does that by default. |
|
|||
Yes, 4 instances of user got me thinking. Unfortunately I can not reproduce this incident. I checked users after a couple of hours of Tor SSH exploit.
|
Tags |
chrooting tor, hidden service, ssh |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Run 2 instances of ftp_proxy | Simon | OpenBSD Security | 0 | 29th April 2010 06:08 AM |
Multiple instances of Opera | ebzzry | FreeBSD General | 7 | 24th July 2008 03:53 AM |
Possible to run multiple instances of ftp-proxy on boot? | amac | OpenBSD General | 3 | 23rd May 2008 11:15 AM |